The invention relates to a method and a configuration for the transmission of signals from generating functional units to processing functional units of electrical circuits, which can be used, in particular, to prevent the interception of secret information being exchanged between two functional units of a circuit that are located separately in the layout. Since secret information, for instance cipher information or personal data, is stored on Smartcard controllers, this represents a special application area of the invention.
Developments in microelectronics in the 1970s enabled small computers to be produced in credit card format without a utilization interface. Computers of this kind are known as Smartcards. In a Smartcard, data memories and arithmetic-logic units are integrated in a single chip just a few square millimeters in size. Smartcards are used, in particular, as telephone cards, GSM-SIM cards, in the banking industry and the health sector. The Smartcard has thus become an omnipresent computer platform.
Smartcards are currently viewed primarily as secure storage locations for secret data, and as a safe execution platform for cryptographic algorithms. The assumption of a relatively high security of data and algorithms on the card is based on the hardware structure of the card and the interfaces leading to the outside. The card is presented to the outside world as a “black box” having a functionality that can be exploited only via a well-defined hardware and software interface, and which can compel certain safety policies. On the one hand, access to data can be linked to certain conditions. Critical data, such as secret codes of a public key method, may even be completely withdrawn from access from outside. On the other hand, a Smartcard is capable of executing algorithms without the execution of individual operations being observable from outside. The algorithms themselves can be protected on the card from being modified and read out. In the object-oriented sense, the Smartcard can be regarded as an abstract data type which has a well-defined interface, exhibits a specified behavior and is even capable of ensuring adherence to certain integrity conditions as regards its status.
Essentially, there are two different types of Smartcards. Memory cards have only one serial interface, one addressing and safety logic circuit and ROM and EEPROM memories. These cards have only limited functionality and serve a specific purpose. For this reason, they are especially cheap to produce. In principle, Smartcards produced as microprocessor cards represent a completely universal computer.
The production and delivery process for chip cards can be divided into the following phases:                producing the semiconductor        embedding the semiconductor        printing the card        personalizing the card        issuing the card.        
In general, each phase is carried out by a company specializing in this particular work. In producing the semiconductor, good in-company security must be ensured, particularly in the case of cards with hard-wired safety logic. In order that the manufacturer can perform a correct final test, the complete memory must be freely accessible. Only after the final test is the chip secured with a transport code. Subsequently, access to the card memory is possible only by authorized agencies who know the transport code. The theft of brand-new semiconductors will therefore not entail any consequences. Authorized agencies may be personalizers or card issuers. No further security functions are necessary for the embedding and printing processes. The companies in question do not need to know the transport code.
In general, it is not the card manufacturer but the issuing agency (for instance a bank, telephone company, health insurance company etc.) that transfers the person-specific data to the card. This process is known as personalization. Knowledge of the transport code is necessary for this.
The issuing of the card, i.e. transport from the issuing agency to the card holder, represents a further security problem. Strictly speaking, only personal issuing to the card holder against his signature and presentation of proof of identity is secure. Although dispatch by post is often more economical, it is also fairly insecure. Another problem is the sending of the PIN to the card holder, where the same care must be taken as with the card.
Owing to the sensitive, security-relevant contents of the memories located on Smartcard controllers, additional protection, apart from observance of these security measures, must be ensured against possible activities of hackers, extending into all phases of the life of a Smartcard—starting from its production, through the transport and use of the card, up to the manipulation of cards that have become unusable.
Some hacker attacks use the approach of manipulating signals that are exchanged between two functional units located separately in the layout. Sensitive signals on Smartcard controllers are, for example, reset and status signals as well as timing circuits. These are usually exchanged between analog subblocks and the digital logic block over fairly great distances on the chip. Hitherto, sensitive circuits of this kind have been protected by means of special layouts, for example:                the circuits are laid out on low-level metallic planes because they are thereby difficult to probe.        the circuits are “hidden” beneath higher-level tracks.        they are routed in parallel with other, less sensitive circuits, so the sensitive circuits are not conspicuous.        
An experienced hacker can, however, still identify, connect and thereby manipulate the sensitive circuits with a little effort.